116.204.110.99
Open in
urlscan Pro
116.204.110.99
Public Scan
Submission Tags: c2 malware vshell Search All
Submission: On October 29 via api from US — Scanned from DE
Summary
This is the only time 116.204.110.99 was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 116.204.110.99 116.204.110.99 | 55990 (HWCSNET H...) (HWCSNET Huawei Cloud Service data center) | |
13 | 1 |
ASN55990 (HWCSNET Huawei Cloud Service data center, CN)
PTR: ecs-116-204-110-99.compute.hwclouds-dns.com
116.204.110.99 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 | 0 |
Domain | Requested by | |
---|---|---|
13 | 0 |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://116.204.110.99:8082/login/index
Frame ID: 7F7F1CAAF4EE318FEE4740C3DA79B667
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Vshell - 登录Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
index
116.204.110.99/login/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fontawesome.min.css
116.204.110.99/static/css/ |
54 KB 54 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
solid.min.css
116.204.110.99/static/css/ |
668 B 862 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.css
116.204.110.99/static/css/ |
156 KB 156 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
116.204.110.99/static/css/ |
199 KB 200 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.4.1.min.js
116.204.110.99/static/js/ |
86 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.min.js
116.204.110.99/static/js/ |
59 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
language.js
116.204.110.99/static/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fonts.css
116.204.110.99/static/css/ |
16 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fa-solid-900.woff2
116.204.110.99/static/webfonts/ |
74 KB 75 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
languages.xml
116.204.110.99/static/page/ |
31 KB 32 KB |
XHR
text/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
zh-CN.png
116.204.110.99/static/img/flag/ |
503 B 683 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en-US.png
116.204.110.99/static/img/flag/ |
389 B 569 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| bootstrap object| languages object| charts object| chartdatas undefined| postsubmit function| langreply function| submitform function| changeunit function| login object| nps string| string2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
116.204.110.99/ | Name: beegosessionID Value: 38204cef5d11828452d96c17687c40b7 |
|
116.204.110.99/ | Name: lang Value: en-US |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
116.204.110.99
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
1590f871a620b6f171f4a03b2f9b06cf25c21101d71b8a3905eb0f02f7bf86bd
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
6a1b302725fff132a68a26d1c1eb0d59151937bc94fd84bd71db16d7f8df956c
a564f5dddf47414b410891a347293a02feed259a9060497f579c80e93ed5e370
ab8b9ee68c32df7b73f268fe4370bae564539e1ae4868ee3e0ba64511b04b5dd
d0dc6a1e6dd49ac935b7f7892d3fa37531b78b4eb54f9b459ef2da079c18e94e
d87a4564c20bd4f8afe113d5750f78b169440bcabb98c6c3b4b9cac9a8b82bae
e8ffdf8b4e949356e8af19ecd43febca3d80cf8fc677003a6899156de89dabf3
f03720a941a15871ec4cb8f5a9c1abd0eb8f6ca90dd51c038c86d9e832a1fd10
fec7717a72b5343a3048dba9860c23bfcc12a2c48d641d2de64a17a9ded7a8e2